release-tag
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes several standard git and shell commands (e.g.,
git checkout,git pull,git describe,git log,git tag,git push,sed) to perform repository management and versioning tasks. - [DATA_EXFILTRATION]: The skill performs network operations via
git push origin v<VERSION>to synchronize tags with the remote repository. This is the primary intended function of the skill and targets the user's configured origin. - [PROMPT_INJECTION]: The skill analyzes commit history to recommend version increments. While commit messages are external data, the skill includes a mandatory interactive step (
AskUserQuestion) where the user must review and confirm the proposed version and commands before execution. - [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The use of signed tags (
-s) and specific branch/tag pushing indicates a security-conscious design.
Audit Metadata